[dev] Re: [cvs] commit: horde login.php imp redirect.php
Jon Parise
jon at horde.org
Sun Feb 9 12:22:16 PST 2003
On Sat, Feb 08, 2003 at 11:19:51PM -0500, Chuck Hagenbuch wrote:
> For now, I'd suggest:
>
> $new_session_id = md5(uniqid(mt_rand(), true));
>
> I know uniqid is slow, but this is a login-only thing, and it's important to
> really get a unique value here. If someone has an argument that uniqid()
> isn't needed, I'm happy to hear that, too.
I don't think the hit is too bad, especially considering it only
occurs once at login.
We could check for the existence of the $UNIQUE_ID global, too, which
would save us some time if Apache has already generated a unique
identifier for us.
One of the notes on the uniqid() manual page [1] also suggests:
$new_session_id = md5(microtime() . posix_getpid());
[1] http://www.php.net/manual/en/function.uniqid.php
--
Jon Parise (jon at horde.org) :: The Horde Project (http://horde.org/)
More information about the dev
mailing list